
OpenClaw Update: Enterprise Conformance, Performance Optimizations, and Security Hardening

06:30–12:30 UTC May 20, 2026


This window of updates for OpenClaw focuses on bridging the gap between flexible developer configurations and enterprise-grade operational requirements. The primary highlights include a new policy conformance system for auditable workspace posture, significant performance gains in plugin discovery, and a series of security-focused 'fail-closed' fixes across multiple integrations.

Merged PRs

  • perf(plugins): scan-scoped package.json cache in discovery (Original PR)
  • feat(discord): follow configured users in voice (Original PR)
  • Policy: add conformance system with channel checks (Original PR)
  • fix(cron-cli): bound loadCronJobForShow pagination (Original PR)
  • fix(config): accept execApprovals.enabled="auto" in zod schema (Original PR)
  • fix(mattermost): fail closed on missing channel type (Original PR)
  • Recheck rebuilt system.run argv (Original PR)

Key Changes

Enterprise Policy & Conformance

OpenClaw has introduced a bundled policy extension designed for enterprise conformance. This system allows operators to define a required posture in a policy.jsonc file (e.g., denying specific communication providers like Telegram) and produce auditable proof that a workspace matches these requirements.

Key architectural decisions include:

  • Policy-as-Health: The system treats policy requirements as health checks. The doctor --lint command reports non-conforming settings, and doctor --fix can automatically repair them if enabled.
  • Attestation: The policy check --json command generates a stable attestation hash based on the policy hash, evidence hash, and findings hash, providing a durable audit trail.
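To make the two decisions above concrete, here is a small model of the lint / fix / attest flow. This is an added example written for this post, not OpenClaw's policy extension; the policy.jsonc shape (a version plus a deny list of providers), the workspace shape, the finding format and the way the three hashes are combined are all assumptions, since the page only states that the attestation hash is derived from a policy hash, an evidence hash and a findings hash. The one point worth copying is that every hash is taken over a canonical serialization, so reordering keys in the policy file does not change the attestation.

```typescript
import { createHash } from "node:crypto";

// Hypothetical shapes for this example; the real policy.jsonc schema and the
// exact inputs of OpenClaw's attestation hash are not shown on the page.
type Policy = { version: number; deny: { providers: string[] } };
type Workspace = { providers: Record<string, { enabled: boolean }> };
type Finding = { rule: string; path: string; message: string; fixable: boolean };

// Minimal JSONC reader: drop /* */ blocks and whole-line // comments, then parse.
// Sufficient for the constructed sample below, which has no "//" inside strings.
function parseJsonc(text: string): unknown {
  const stripped = text.replace(/\/\*[\s\S]*?\*\//g, "").replace(/^\s*\/\/.*$/gm, "");
  return JSON.parse(stripped);
}

// Canonical serialization: keys sorted recursively, no whitespace, so the same
// logical document always hashes the same regardless of key order in the file.
function canonicalize(value: unknown): string {
  if (Array.isArray(value)) return "[" + value.map(canonicalize).join(",") + "]";
  if (value !== null && typeof value === "object") {
    const obj = value as Record<string, unknown>;
    return "{" + Object.keys(obj).sort()
      .map((k) => JSON.stringify(k) + ":" + canonicalize(obj[k])).join(",") + "}";
  }
  return JSON.stringify(value);
}

const sha256 = (s: string): string => createHash("sha256").update(s).digest("hex");

// Policy-as-health: each denied provider that is enabled in the workspace is a finding.
function lint(policy: Policy, ws: Workspace): Finding[] {
  const findings: Finding[] = [];
  for (const name of policy.deny.providers) {
    if (ws.providers[name]?.enabled) {
      findings.push({
        rule: "deny.providers",
        path: `providers.${name}.enabled`,
        message: `provider "${name}" is denied by policy but enabled`,
        fixable: true,
      });
    }
  }
  return findings;
}

// The "--fix" path: repair fixable findings and leave everything else untouched.
function fix(policy: Policy, ws: Workspace): Workspace {
  const next: Workspace = { providers: { ...ws.providers } };
  for (const f of lint(policy, ws)) {
    if (!f.fixable) continue;
    const name = f.path.split(".")[1];
    next.providers[name] = { ...next.providers[name], enabled: false };
  }
  return next;
}

// The "check --json" path: hash policy, evidence (the workspace config) and
// findings separately, then derive one attestation hash from the three.
function attest(policy: Policy, ws: Workspace) {
  const findings = lint(policy, ws);
  const policyHash = sha256(canonicalize(policy));
  const evidenceHash = sha256(canonicalize(ws));
  const findingsHash = sha256(canonicalize(findings));
  const attestationHash = sha256([policyHash, evidenceHash, findingsHash].join("\n"));
  return { conformant: findings.length === 0, policyHash, evidenceHash, findingsHash, attestationHash, findings };
}

// Constructed sample inputs (not taken from any real deployment).
const POLICY_JSONC = `{
  // deny providers the organisation has not approved
  "version": 1,
  "deny": { "providers": ["telegram"] }
}`;
const policy = parseJsonc(POLICY_JSONC) as Policy;
const workspace: Workspace = {
  providers: { discord: { enabled: true }, telegram: { enabled: true } },
};

const before = attest(policy, workspace);
const after = attest(policy, fix(policy, workspace));
console.log(JSON.stringify({ before: before.conformant, after: after.conformant, attestation: after.attestationHash }));
```

Because the attestation covers the evidence hash, the value changes as soon as the workspace is repaired, which is what lets an auditor tell "was non-conformant, then fixed" apart from "always conformant" when comparing records over time.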

Performance Optimization

A critical performance bottleneck in plugin discovery was addressed. Previously, each plugin's package.json was being read up to 1,565 times per TUI startup due to overlapping scan paths. The introduction of a scan-scoped package.json cache—keyed by trust mode and real path—is expected to reduce these reads to approximately 1-2 per file, eliminating nearly 99% of the redundant I/O.
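The cache design has two properties worth spelling out: it is keyed by the real path, so a directory reached through a symlink or through an overlapping scan root is read once, and it is keyed by trust mode, so a trusted scan never hands a parsed manifest to an untrusted one. The following is an added illustration written for this post, not OpenClaw's discovery code; the in-memory filesystem, the symlinked roots, the three-pass scan loop and the manifest contents are all constructed so that the read count can be checked offline.

```typescript
// Constructed in-memory stand-in for fs.realpathSync / fs.readFileSync so the
// example runs offline and the number of reads can be counted. The directory
// layout, symlinks and manifests below are invented for this example.
type TrustMode = "trusted" | "untrusted";

const SYMLINKS: Record<string, string> = {
  "/ws/node_modules/@acme/plugin-a": "/ws/packages/plugin-a",
  "/ws/.openclaw/plugins/plugin-a": "/ws/packages/plugin-a",
};
const FILES: Record<string, string> = {
  "/ws/packages/plugin-a/package.json": '{"name":"@acme/plugin-a"}',
  "/ws/packages/plugin-b/package.json": '{"name":"plugin-b"}',
};
// Three scan roots resolve to the same real directory: overlapping scan paths.
const SCAN_ROOTS = [
  "/ws/packages/plugin-a",
  "/ws/node_modules/@acme/plugin-a",
  "/ws/.openclaw/plugins/plugin-a",
  "/ws/packages/plugin-b",
];

let reads = 0;
const realpath = (p: string): string => SYMLINKS[p] ?? p;
function readFile(path: string): string {
  reads++;
  const text = FILES[path];
  if (text === undefined) throw new Error(`ENOENT: ${path}`);
  return text;
}

// Cache keyed by trust mode + real path. Symlinked and overlapping roots share
// one entry; a trusted and an untrusted scan of the same directory never do,
// because the trust mode may change how the manifest is interpreted.
class ScanCache {
  private entries = new Map<string, unknown>();
  readManifest(dir: string, trust: TrustMode): unknown {
    const file = `${realpath(dir)}/package.json`;
    const key = `${trust}\0${file}`;
    let manifest = this.entries.get(key);
    if (manifest === undefined) {
      manifest = JSON.parse(readFile(file));
      this.entries.set(key, manifest);
    }
    return manifest;
  }
}

// One discovery run: several passes over the same roots, as happens when
// multiple scan paths overlap. The cache is created for this scan and dropped
// afterwards, so a later scan never sees a stale manifest.
function discover(trust: TrustMode, useCache: boolean): { plugins: string[]; reads: number } {
  const readsBefore = reads;
  const cache = useCache ? new ScanCache() : null;
  const found = new Set<string>();
  for (let pass = 0; pass < 3; pass++) {
    for (const root of SCAN_ROOTS) {
      const manifest = cache
        ? cache.readManifest(root, trust)
        : JSON.parse(readFile(`${realpath(root)}/package.json`));
      found.add((manifest as { name: string }).name);
    }
  }
  return { plugins: Array.from(found).sort(), reads: reads - readsBefore };
}

console.log("uncached:", discover("trusted", false));
console.log("cached:  ", discover("trusted", true));
```

With twelve manifest lookups the uncached scan performs twelve reads; the cached scan performs two, one per real directory, and discovers exactly the same plugins. Scoping the cache to a single scan is what keeps this from turning into a correctness problem: a plugin edited between two TUI launches is still re-read.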

Integration & Security Hardening

Two 'fail-closed' fixes were merged so that missing or ambiguous data is rejected rather than treated permissively, together with one integration feature:

  • Mattermost: Events with unresolved channel types are now dropped before routing, preventing them from being incorrectly classified as regular channel traffic.
  • System Execution: The system.run path now re-evaluates the allowlist against the rebuilt shell arguments (argv) immediately before execution, so a transformation applied while rendering the command cannot bypass the decision taken on the original request.
  • Discord: Added the ability for the bot to follow configured users in voice channels, including robust handling for large user lists and transient REST failures.

Bug Fixes

  • Cron CLI: Fixed a high-severity bug where openclaw cron show could hang indefinitely if the gateway returned a non-advancing pagination offset. A page cap (50 iterations) and advancement assertion were added to prevent infinite loops.
  • Config Validation: The Zod schema was updated to correctly accept "auto" for execApprovals.enabled across Discord, Slack, and Telegram, closing a gap between the documented behavior and the validator.
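For the cron CLI fix, the interesting part is the pair of guards rather than the page cap alone: an advancement assertion catches a gateway that echoes the same offset back on the very first page, and the cap catches a gateway that keeps advancing but never ends. The following is an added example written for this post, not OpenClaw's cron CLI; the gateway interface, the page shape and the three constructed gateways are assumptions, and only the 50-page cap is taken from the fix description.

```typescript
type CronJob = { id: string; schedule: string };
type Page = { jobs: CronJob[]; nextOffset: number | null };
type Gateway = (offset: number) => Page;   // hypothetical stand-in for the gateway call

const MAX_PAGES = 50;   // page cap from the fix description

// Walk pages until the job is found or the gateway signals the end. Two guards
// turn a misbehaving gateway into an error instead of a hang: the offset must
// strictly advance on every page, and the loop gives up after MAX_PAGES.
function loadCronJobForShow(gateway: Gateway, jobId: string): CronJob | undefined {
  let offset = 0;
  for (let page = 0; page < MAX_PAGES; page++) {
    const res = gateway(offset);
    const hit = res.jobs.find((j) => j.id === jobId);
    if (hit) return hit;
    if (res.nextOffset === null) return undefined;
    if (res.nextOffset <= offset) {
      throw new Error(`gateway returned non-advancing offset ${res.nextOffset} (current ${offset})`);
    }
    offset = res.nextOffset;
  }
  throw new Error(`gave up after ${MAX_PAGES} pages without finding "${jobId}"`);
}

// Wraps a gateway so the caller can see how many pages were fetched.
function countCalls(gw: Gateway): { gateway: Gateway; calls: () => number } {
  let n = 0;
  return { gateway: (o) => { n++; return gw(o); }, calls: () => n };
}

// Constructed gateways over an invented job list.
const ALL_JOBS: CronJob[] = Array.from({ length: 7 }, (_, i) => ({ id: `job-${i}`, schedule: `${i} * * * *` }));
const PAGE_SIZE = 2;
const healthy: Gateway = (offset) => {
  const jobs = ALL_JOBS.slice(offset, offset + PAGE_SIZE);
  const next = offset + PAGE_SIZE;
  return { jobs, nextOffset: next < ALL_JOBS.length ? next : null };
};
// Returns a page but echoes the same offset back: the bug described in the fix.
const stuck: Gateway = (offset) => ({ jobs: ALL_JOBS.slice(0, PAGE_SIZE), nextOffset: offset });
// Always advances, never ends and never contains the job: the page cap handles it.
const endless: Gateway = (offset) => ({ jobs: [], nextOffset: offset + 1 });

console.log(loadCronJobForShow(healthy, "job-5"));
for (const [name, gw] of [["stuck", stuck], ["endless", endless]] as const) {
  try {
    loadCronJobForShow(gw, "job-99");
  } catch (e) {
    console.log(name, "->", (e as Error).message);
  }
}
```

Against the stuck gateway the loop fails on the first page with a message naming both offsets, which is far more useful in a bug report than a command that silently spins; against the endless gateway it stops after exactly 50 requests.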

Impact

For enterprise operators, the new policy system provides a necessary layer of auditability and governance without introducing runtime overhead. For the general user, the TUI startup time should see a noticeable improvement due to the optimized plugin discovery process.

From a security perspective, the 'fail-closed' fixes in Mattermost and system execution remove two places where the code acted on missing or transformed data without validating it: an event whose channel type cannot be resolved is now dropped instead of being routed as ordinary channel traffic, and a command is now checked in the form it will actually execute rather than only in the form it was requested. Finally, the cron CLI fix turns a potential indefinite hang into a bounded loop with a clear error, improving the overall reliability of the CLI tools.
